Amendments to the Claims: 



This listing of claims will replace all prior versions and listings of claims in the 
application: 

Listing of the Claims: 

WHAT IS CLAIMED IS: 

« 

1. (Currently Amended) A system for controlling an application process comprising: 

an injector operable to be stored on a computer readable medium: 

redirect code operable to be placed in a memory of the application proces s by the 

injector and bypass security in place at a remote computing system ; and 

a library of redirect functions operable to be referenced by the redirect code 

during the application process execution, the redirect code operable to intercept a set of 

target function calls made by the application process and execute the redirect functions 

for the intercepted target function calls. 

2. (Original) The system, as set forth in claim 1, wherein the injector is pushed to a 
device executing the application process. 

3. (Original) The system, as set forth in claim I, wherein the set of target function calls 
comprises socket function calls. 

4. (Original) The system, as set forth in claim 1, wherein the library of redirect 
functions comprises a dynamic link library. 

5. (Original) The system, as set forth in claim 1 , further comprising: 

a secure environment having a plurality of resources; 
a firewall securing all access to the plurality of resources in the secure 
environment; and 

an access policy pushed to a device executing the application process, the access 
policy identifying the resources authorized for access by the device. 



6. (Original) The system, as set forth in claim 5, wherein the application process 
comprises an application operable to communicate with the secure environment resources 
using an Internet transport protocol, the redirect code, and the redirect functions. 

7. (Original) The system, as set forth in claim 1, wherein the application process 
comprises an email application. 

8. (Original) The system, as set forth in claim 1, wherein the application process 
comprises a web browser application. 

9. (Original) The system, as set forth in claim 1, wherein the application process 
comprises a file transfer application. 

1 0. (Currently Amended) A method for controlling an application process 
comprising: 

pushing an injector to a device executing the application process; 
injecting a redirect code into the application process and bypass security in place at a 
remote computing system ; 

executing the redirect code in the application process to reference a redirect 
library of redirect functions; 

resuming the execution of the application process; and 

intercepting at least one target function calls made by the application process and 
executing at least one redirect function in place of the at least one target function calls. 

11. (Original) The method, as set forth in claim 10, wherein injecting a redirect code 
further comprises: 

starting the application process; 

interrupting the execution of the application process; and 

injecting the redirect code into a memory space of the application process. 



12. (Original) The method, as set forth in claim 10, wherein injecting a redirect code 
further comprises: 

starting the application process using a debug option; 
catching an exception thrown by the application process; 
locating memory space in the application process; 

injecting the redirect code into the memory space of the application process; and 
set an instruction pointer to the redirect code. 

13. (Original) The method, as set forth in claim 10, wherein injecting a redirect code 
further comprises: 

starting the application process using a suspend option; 
creating memory space in the application process; 

injecting the redirect code into the memory space of the application process; and 
set an instruction pointer to the redirect code. 

14. (Original) The method, as set forth in claim 10, wherein injecting a redirect code 
further comprises: 

starting the application process using a suspend option; 
creating memory space in the application process; 

injecting the redirect code into the memory space of the application process; and 
use a create remote thread function to execute the redirect code. 

15. (Original) The method, as set forth in claim 10, wherein executing the redirect code 
comprises: 

loading the redirect library of redirect functions; 

determining a location of an import table replacement function in the redirect 
library; and executing the import table replacement function. 

16. (Original) The method, as set forth in claim 1.5, wherein loading the redirect library 
of redirect functions comprises loading a dynamic link library. 



17. (Original) The method, as set forth in claim 15, wherein executing the import table 
replacement function comprises: 

searching an import table of the application process for the set of target function 
calls; and 

modifying the target function calls to reference redirect functions in the redirect 

library. 

18. (Original) The method, as set forth in claim 15, wherein executing the import table 
replacement function comprises: 

searching dynamic link libraries of the application process for the set of target 
function calls; and 

modifying the target function calls to reference redirect functions in the redirect 

library. 

19. (Original) The method, as set forth in claim 10, further comprising: 

receiving user information; 
authenticating the user information; 

pushing an access policy specifying resources accessible by a user associated with 
the user information to a device used by the user. 

20. (Original) The method, as set forth in claim 19, wherein intercepting at least one 
target function call comprises intercepting at least one socket function call. 

21. (Original) The method, as set forth in claim 19, further comprising executing redirect 
functions to enable a secured access to a plurality of resources via a firewall. 

22. (Currently Amended) A method comprising: 

receiving user information; 
authenticating the user information; 

pushing an injector to a device executing an application process; and 
intercepting at least one target function call made by the application process to at 
least one of a plurality of secure resources and executing at least one redirect function in 
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place of the at least one target function call , the at least one redirect function operable to 
bypass security in place at a remote computing system . 

23. (Original) The method, as set forth in claim 22, further comprising: 

injecting a redirect code into the application process; 
executing the redirect code in the application process to reference a redirect 
library of 

redirect functions; and 

resuming the execution of the application process. 

24. (Original) The method, as set forth in claim 23, wherein injecting a redirect code 
farther comprises: 

starting the application process; 

interrupting the execution of the application process; and 

injecting the redirect code into a memory space of the application process. 

25. (Original) The method, as set forth in claim 23, wherein injecting a redirect code 
further comprises: 

starting the application process using a debug option; 
catching an exception thrown by the application process; 
locating memory space in the application process; 

injecting the redirect code into the memory space of the application process; and 
set an instruction pointer to the redirect code. 

26. (Original) The method, as set forth in claim 23, wherein injecting a redirect code 
further comprises: 

starting the application process using a suspend option; 
creating memory space in the application process; 

injecting the redirect code into the memory space of the application process; and 
set an instruction pointer to the redirect code. 



27. (Original) The method, as set forth in claim 23, wherein injecting a redirect code 
further comprises: 

starting the application process using a suspend option; 
creating memory space in the application process; 

injecting the redirect code into the memory space of the application process; and 
use a create remote thread function to execute the redirect code. 

28. (Original) The method, as set forth in claim 23, wherein executing the redirect code 
comprises: 

loading the redirect library of redirect functions; 

determining a location of an import table replacement function in the redirect 
library; and 

executing the import table replacement function. 

29. (Original) The method, as set forth in claim 28, wherein loading the redirect library 
of redirect functions comprises loading a dynamic link library. 

30. (Original) The method, as set forth in claim 28, wherein executing the import table 
replacement function comprises: 

searching an import table of the application process for the set of target function 
calls; and 

modifying the target function calls to reference redirect functions in the redirect 

library. 

31. (Original) The method, as set forth in claim 28, wherein executing the import table 
replacement function comprises: 

searching dynamic link libraries of the application process for the set of target 
function calls; and 

modifying the target function calls to reference redirect functions in the redirect 

library. 



32. (Original) The method, as set forth in claim 22, wherein intercepting at least one 
target 

function call comprises intercepting at least one socket function call. 

33. (Original) The method, as set forth in claim 22, further comprising executing redirect 
functions to enable a secured access to a plurality of resources via a firewall. 



